General
-
Target
04737a0fa1bdaa52e430dc81827a792b69719abaf3112fcd4448f4a5b409619e
-
Size
135KB
-
Sample
240925-wtz6pszbrm
-
MD5
f3b291f4d5dd3ec4214bca22307ab5ad
-
SHA1
6090f422d5b9d26280f1e017bfcb93ac7265a5dd
-
SHA256
04737a0fa1bdaa52e430dc81827a792b69719abaf3112fcd4448f4a5b409619e
-
SHA512
4695bacbcb6142b6798667cd29d520d4c93ba101907e084be8f4276b61c687d84fe93569f637e8c132f8fb5cfd7361e1f3a95680c7081cd4e9817fc3f291c609
-
SSDEEP
3072:0DTRiupUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtVHLO:8coIDbByGPMsMP
Malware Config
Targets
-
-
Target
04737a0fa1bdaa52e430dc81827a792b69719abaf3112fcd4448f4a5b409619e
-
Size
135KB
-
MD5
f3b291f4d5dd3ec4214bca22307ab5ad
-
SHA1
6090f422d5b9d26280f1e017bfcb93ac7265a5dd
-
SHA256
04737a0fa1bdaa52e430dc81827a792b69719abaf3112fcd4448f4a5b409619e
-
SHA512
4695bacbcb6142b6798667cd29d520d4c93ba101907e084be8f4276b61c687d84fe93569f637e8c132f8fb5cfd7361e1f3a95680c7081cd4e9817fc3f291c609
-
SSDEEP
3072:0DTRiupUPb1WpXVxAaGBvbNvNbNJkvmhyPQbaDTUXGIDbwKDqCtrwdAxaVTtVHLO:8coIDbByGPMsMP
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2